PHP version of the micro-trust platform for the introduction of the developer Certification method _php Example

Source: Internet
Author: User
Tags file url sha1 sha1 encryption

This article describes the PHP version of the micro-trust public platform developer authentication method. Share to everyone for your reference, specific as follows:

How does a micro-credit public platform become a developer?

Login Micro-trust public platform, click the advanced function = "Development mode =" Become a developer = "Fill in the interface configuration information, submitted to wait for our staff audit."

1. Developer Certification

This is the simplest, direct the previous super simple version of the code:

Exit ($_get[' echostr ']);

PHP file on the line above this sentence, micro-trust public platform casually fill token, write php file URL, and then verify can pass, super simple? Official certification is not necessary, because the next step does not use the verification signature of the place, so this place for the diagram to facilitate the direct output return value easily through verification, of course, the following also gives the official requirements of the authentication code:

$token = ' one ';
$signarr =array ($token, $_get[' timestamp '],$_get[' nonce '));
if ($this->signnature ($signarr, $_get[' signature '))) {
  exit ($_get[' echostr ']);
function Signnature ($arr, $signature) {
  sort ($arr);
  if (SHA1 implode ($arr) = = = $signature) return true;
  return false;
}

Save the above code as a PHP file, set the same token on the micro-trust platform, and then validate it.

Note: URL is allowed with get parameters

2. URL Access:

Once the public platform user submits the information, we will request the form of a GET request to the completed URL with four parameters:

* signature-Micro-Letter encryption Signature

* timestamp-time stamp

* nonce-Random number

* echostr-Random string

The developer verifies the validity of the URL access by checking the signature, if the GET request returns the ECHOSTR parameter content as is, the access is valid, otherwise the access fails, and the verification signature will combine the token parameters that the developer fills in, Timestamp parameters and Nonce parameters.

3. Encryption Process:

* Sort token, timestamp, nonce three parameters in dictionary order

* Concatenation of three parameter strings into a string for SHA1 encryption

* The developer obtains the encrypted string to compare with the signature, which identifies the request from the micro-letter.

For more information on PHP related content readers can view the site topics: "PHP micro-credit Development Skills summary", "PHP coding and transcoding Operation skills Summary", "PHP Network Programming Skills Summary", "PHP basic Grammar Introductory Course", "PHP string (String) Usage Summary", "php+ MySQL Database operations Introduction tutorial and PHP Common database operation Skills Summary

I hope this article will help you with the PHP program design.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.